Feeds

Spyware scumbags make $2bn a year

Cash from chaos

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

Spyware ­ invasive programs that generate pop-ups, hijack home pages, redirect searches and poison DNS files ­ generates an estimated $2bn in revenue a year1, according to a study by anti-spyware firm Webroot. It estimates the surreptitious spyware and adware market "may be approaching 25 per cent" of the already-established market of online advertising.

As we've noted before, it's hard to square Webroot's $2n estimate with the observable size of adware market. Webroot's This calculation assumes a uniform distribution of spyware, among other statistical sins. Estimates on the damage caused by computer viruses are a notoriously inexact science. The same seems to apply to looking at the adware market.

SpyAudit

In the first quarter of 2005, 88 per cent of scans using Webroot's SpyAudit software found some form of unwanted program (Trojan, system monitor, cookie or adware) on consumer computers. The vast majority of corporate PCs (87 per cent) also harboured undesirable programs or cookies. Excluding cookies, more than 55 per cent of corporate PCs contained unwanted programs. Infested consumer PCs contained an average of 7.2 non-cookie infections.

Cookies annoy some people but they are nowhere near as serious a problem as key=logging or Trojan horse programs. System monitor (key logger programs) were found in seven per cent of consumer and enterprise PCs scanned using Webroot's software, down from 19 per cent in Q4 2004. Trojan horse programs were found on 19 per cent of consumer PCs and seven per cent of enterprise PCs, unchanged from Q4 2004.

Consumer sites 'riddled' with spyware

Webroot's data comes from analysis of stats from Webroot's consumer and corporate SpyAudit tools and from online research culled by Phileas, Webroot's automated spyware research system. Contrary to the perceived wisdom that spyware comes only from a limited number of dodgy online porn and warez sites, Phileas identified 4,294 sites (with almost 90,000 pages) containing some form of spyware.

Webroot's State of Spyware report names and shames the top ten most significant emerging spyware and adware threats based on detection, as well as potential impact. CoolWebSearch, an infamous piece of adware with over 100 different variants, was dubbed the top threat. GAIN and 180search Assistant were the next two most prevalent nuisances. ®

1 Webroot's figure for the value of the spyware market comes from multiplying the average number of pieces of adware per machines (4.38 - according to Webroot) times the number of active users on the net (290m - according to Nielsen Netratings) times the value of each adware installation per year ($2.25 - a figure derived Claria's filing that it made $90m a year from 40m "users").

Related links

Webroot's State of Spyware report (registration required)

Related stories

Adware-infected PCs net slimeware firms $3 a pop
Anti-spyware group collapses
Drive-by Trojans exploit browser flaws

SANS - Survey on application security programs

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.